File manger? php+apache+samba(maybe mysql auth backend)  | | 
August 27th, 2004, 03:33 PM
|
#1 (permalink)
| | Senior Member
Join Date: Jan 2002 Location: ThirdWorld- Montana
Posts: 608
| File manger? php+apache+samba(maybe mysql auth backend)
We have an engineer who lives 200+ miles from the office.
Has anyone used a web based file manager for something similar? If so, which one and how successful was it?
Another thought is to use a vpn, though satelite uploads tend to drop packets and cause havok with vpn servers (or so I'm told). If this is not true it could be a solution. If it is the solution than would I need to give the engineer a shell account and chroot--or would there be another way for him to access/edit samba shares I'm still unclear as to how this would work.
Any thoughs on how our electrical engineer can remotely access his drawings and edit them? We also want some sort of secure login. Clients dont matter that much, we mostly just want to protect the server. No account numbers or anything, just many hours($'s) in creating the files. | 
|  | |
August 27th, 2004, 04:11 PM
|
#2 (permalink)
| | Not Really a Member
Join Date: Oct 2001
Posts: 25,215
|
What about a Terminal server, or a citrix solution?
I'd suggest diong a TS session over a VPN for security, but the Citrix should be OK as long as you put it with behind SSL
Depends on your budget
__________________
Helicopters don't fly; they vibrate so much and make so much noise that the earth rejects them.
| |
| | |
August 27th, 2004, 06:27 PM
|
#3 (permalink)
| | Senior Member
Join Date: Jan 2002 Location: ThirdWorld- Montana
Posts: 608
|
I'm the new guy there and work with the electrical engineer. They currently have 5 win 98 computers on their peer to peer network (no enterprise solutions lol) and I'm trying to give them a few modern network services. They have NO buget for IT.
They will give me the time to set it up, a scrap heap of old computers, and money for some hardware.
The basics I would like to start with are:
Central job/file location (samba)
Remote back-up server (should be pretty easy with rsync/ssh+bash script)
Some sort of remote connection for the electrical engineer (?)
Then I would like to set up a local webserver for craploads of dynamic content.
Vass have you set up a gpl vpn? The ideas you gave me sound great -- but definately not in the buget.
Thanks | |
| | |
August 30th, 2004, 02:05 AM
|
#4 (permalink)
| | Senior Member
Join Date: Jan 2002 Location: ThirdWorld- Montana
Posts: 608
|
I found WinSCP, It seems to do all we need for right now. Linky
Great little proggie.  | |
| | |
August 30th, 2004, 02:18 AM
|
#5 (permalink)
| | Senior Member
Join Date: Jul 2004 Location: New Zealand
Posts: 582
|
I use OpenVPN from either win2k or winxp to linux. This creates a virtual network device on both computers. I've run it through a cellphone GPRS connection regularly. Works well. | |
| | |
August 31st, 2004, 02:24 AM
|
#6 (permalink)
| | Senior Member
Join Date: Jan 2002 Location: ThirdWorld- Montana
Posts: 608
|
I am looking at openvpn.
2 Questions
1 Do I need ppp
2 Do I need tun/tap as modules (I now have it built in)
Gentoo doesnt seem to make the correct config directorys--when I get time I'll have to bild from source, | |
| | |
August 31st, 2004, 06:04 PM
|
#7 (permalink)
| | Senior Member
Join Date: Jul 2004 Location: New Zealand
Posts: 582
|
No need for ppp but of course you do need a network connection between the two boxes. i.e. send tcp packets back and forth on the chosen port.
To get the tap device in the kernel. I had
<M> Universal TUN/TAP device driver support
Other guff...
I'm still on openvpn 1.5.0 so these might be a little out of date on the new builds.
There was a reason I used tap instead of tun. I can't remember what it was sorry.
most configs in /etc/openvpn some in /etc/rc.d and build under the /usr/local/src tree
# my conf file on linux
dev tap
ifconfig 10.0.1.1 255.255.255.0
keysize 448
secret static.key
port 6001
comp-lzo
ping 15
verb 3
mute 5
I use the rc.d script from
# Contributed to the OpenVPN project by
# Douglas Keller <doug@voidstar.dyndns.org>
Put this in rc.local (I use slackware which has nice start scripts)
/etc/rc.d/rc.openvpn start
I always build these from the sources. It's generally the blindingly easy ./configure, make, make install sequence (which I read the READMEs to check).
On windows
remote xxx.xxx.xxx.xxx
port 6001
dev tap
ifconfig 10.0.0.2 255.255.255.0
secret static.key
keysize 448
ping 60
comp-lzo
verb 4
mute 10 | |
| | |
September 1st, 2004, 12:55 AM
|
#8 (permalink)
| | Senior Member
Join Date: Jan 2002 Location: ThirdWorld- Montana
Posts: 608
|
Cool man, thank you for all the info.
On a side note, I may go back to slack (really my favorite distro). I like gentoo portage, but on rare occasions like this where the ebuild is messed up, I wish I had the eloquence and simplicity of slackware. I have to make the correct directories and guess at permissions.
Thanks again | |
| | |
September 1st, 2004, 12:59 AM
|
#9 (permalink)
| | Senior Member
Join Date: Jan 2002 Location: ThirdWorld- Montana
Posts: 608
|
Oh by the way, why the 448 bit key? Does that give much more performance over a 512 key?
Also can tunneling be built into the kernel? Or do you HAVE to have module? | |
| | |
September 1st, 2004, 01:12 AM
|
#10 (permalink)
| | Senior Member
Join Date: Jul 2004 Location: New Zealand
Posts: 582
|
I never tried building tunneling into the kernel. Tried stunnel (TCP only connections) and FreeS/WAN(complicated) and OpenVPN(easy and worked) and stopped there
From the man page.
The default is BF-CBC, an abbreviation for Blowfish in Cipher Block Chaining mode. Blowfish has the advantages of being fast, very secure, and allowing key sizes of up to 448 bits. Blowfish is designed to be used in situations where keys are changed infrequently. | |
| | | Thread Tools | Search this Thread | | | | |
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | | | | Most Active Discussions  | | | | |   Recent Discussions  | | | | |
 |
hardware
prices 
